I am going to make web application using PHP which contains many pages, but I should check if the visitor is authenticated to view content or not by X domain.
The X domain can read the header MSISDN from the visitor (if exist) and check if he is authenticate or not.
So I am going to redirect user to X domain to allow him to read the header, and he will redirect user back to me if it can access content, what is the best way for X domain to inform me if the user is authenticated or not!
As I see:
-
I will not use a GET parameter that its not secured anymore.
-
I tried to check referring URL but I could not always read it!
is it good way to X site send me a POST parameter, or their are another method?
Noting that its not too important to be very secured.
Aucun commentaire:
Enregistrer un commentaire